Microsoft warned of ongoing social engineering attacks targeting LinkedIn users. The actor involved is APT38 (BlueNoroff - which Microsoft tracks as "Sapphire Sleet"), linked to the DPRK-backed Lazarus Group. Targeted LinkedIn users are lured into downloading weaponized documents and / or visiting attacker-controlled skills assessment portals including password-protected ones. The campaign appears to be financially motivated.
- Clipeus